MicrosoftEdgeUpdateComRegisterShell64.exe

  • File Path: C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateComRegisterShell64.exe
  • Description: Microsoft Edge Update COM Registration Helper

Hashes

Type Hash
MD5 3DACF7CC11DE65C60616DC29C41397BE
SHA1 525383A5FFF58295760D311F3FA6C09C97F90881
SHA256 F38C70879B558C534233995436F822B5038BEB2788F03C9705AB8F6218717888
SHA384 DC80D79278D9647A08D27FABCCA9E66B444C86645CD5E480956035CDABAB7485F24EE0DE75F1D07F5C1A6DD16B0CA4B1
SHA512 FDA5C886D98D76E7DEB2F4B441792E1704ABD8AB3D72893270F55092C873EDBA6D4DC57A2372E162CCEFB7E09906C9C20F24AFF68F92D7BDFBBC3BF2C6219744
SSDEEP 3072:o3F4ybfH29tBArqxqrpa9NeKt7/naUmG/WoY46by8lNkNVZwGNL:oyyq9XArqQVaKOLVgohtvL
IMP B7765AC6E7797B3D4568B5E0BF18E9D6
PESHA1 2D71D43A701630372DB7F3ED2A2A7BE4BF471163
PE256 BDF8CD866B3475C392414EEC372C9A0CF8F67FAACB737DCDF7D4D208DF5D3DFA

Runtime Data

Loaded Modules:

Path
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\MicrosoftEdgeUpdateComRegisterShell64.exe
C:\Windows\System32\KERNEL32.DLL
C:\Windows\System32\KERNELBASE.dll
C:\Windows\System32\msvcrt.dll
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\SHLWAPI.dll

Signature

  • Status: Signature verified.
  • Serial: 33000001E2F17D92020E49F87F0000000001E2
  • Thumbprint: C774204049D25D30AF9AC2F116B3C1FB88EE00A4
  • Issuer: CN=Microsoft Code Signing PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: MicrosoftEdgeUpdateComRegisterShell64.exe
  • Product Name: Microsoft Edge Update
  • Company Name: Microsoft Corporation
  • File Version: 1.3.153.47
  • Product Version: 1.3.153.47
  • Language: English (United States)
  • Legal Copyright: Copyright Microsoft Corporation
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/73
  • VirusTotal Link: https://www.virustotal.com/gui/file/f38c70879b558c534233995436f822b5038beb2788f03c9705ab8f6218717888/detection

Possible Misuse

The following table contains possible examples of MicrosoftEdgeUpdateComRegisterShell64.exe being misused. While MicrosoftEdgeUpdateComRegisterShell64.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

| Source | Source File | Example | License |
| --- | --- | --- | --- |
| sigma | registry_event_persistence_search_order.yml | Image\|endswith: '\MicrosoftEdgeUpdateComRegisterShell64.exe' | DRL 1.0 |

MIT License. Copyright (c) 2020-2021 Strontic.